it is all the sites on the VPS that slow to a stop, I do not think there are extra hits on my threads.
ie is they are hitting the server root in

root/var/www/vhosts/clubadventist/httpdocs/"domainroot"

1and1,com, is a great price, and you get what you pay for.

yeppers

well if it is all the sites on their server, it is their problem, not much you can do about it except yell at them, and they are such a huge company, I don't think that will work to well.

FWIW, 1&1 is a joke as a host; i have like 8 of their free "unlimited" accounts from a promo years ago, it's still not worth using lol

.htaccess does not cover your server root. For that you need to do a hosts deny file setup and that does not cover web browsers. the host.deny file only covers stuff like FTP, SSH, Telnet, and other resource servers on your server.

The cover it all you need to do both the host.deny and .htaccess

but the host.deny needs to be done by 1and1 correct? he can't access that. ?

Well, it's a VPS, so he should have full root access

Hi,

Have had many sort of attacks from China, Brazil, and eastern Europe.

I use IPTables to block some countries completely. I get a master list from: http://www.wizcrafts.net/chinese-iptables-blocklist.html for example...

Once I get their list I put it into a script file and run it on the server. Something like this:



A few other things is I move my default SSH port. This helps tremendously. On my server it is controlled in the file /etc/ssh/sshd_config

I changed or added this line. Except I used my secret numbers. These are not the actual numbers I used.


You may also want to consider moving your FTP ports as well. You can also do port scans against your server to see what is obviously visible to a hacker. There are tools for that at Sourceforge.net

http://www.configserver.com/free/csf/install.txt takes all of 10mins and this wraps the IPtables in a nice neat bow with a front end for WHM, if you have that..

http://www.lunarforums.com/dedicated_hos...l-t30205.0.html <-- good idea and also /var/shm too..

lotta stuff you can do to secure yourself...

the BIG thing and many don't do it is to set a VERY STRONG root password!! not like sirdude1234, which is gonna get cracked.. try something more like x?FHU%hJeIB}lFB9;b which is impossible to brute force

also.. don't allow root to SSH in.. force them to login with non privileged on a non standard port (like chep says above) then su to root...